diff --git a/src/ui-socket.c b/src/ui-socket.c index f383b77..1daa9dd 100644 --- a/src/ui-socket.c +++ b/src/ui-socket.c @@ -14,8 +14,10 @@ #include "cc.h" #include "perm_permissions_table.h" #include "real_filename.h" +#include "sourcefs.h" #include "temp_permissions_table.h" #include "ui-socket.h" +#include #include #include #include @@ -28,6 +30,11 @@ #define ZENITY_NO 1 #define ZENITY_PERM 2 +struct dialogue_response { + access_t decision; + char *filename; +}; + int init_ui_socket(const char *perm_permissions_db_filename) { FILE *fp = NULL; @@ -66,11 +73,16 @@ void destroy_ui_socket(void) { * @return: access status - ALLOW, DENY or ALLOW_TEMP * allowed for the runtime of the process */ -access_t ask_access(const char *filename, struct process_info proc_info) { +struct dialogue_response ask_access(const char *filename, + struct process_info proc_info) { FILE *fp = NULL; char *command = NULL; int ret = asprintf(&command, "zenity \"%d\" \"%s\" \"%s\" \"%s\"", - proc_info.PID, proc_info.name, filename, get_mountpoint()); + proc_info.PID, proc_info.name, get_mountpoint(), filename); + + struct dialogue_response response; + response.decision = DENY; + response.filename = NULL; if (ret < 0) { // If asprintf fails, the contents of command are undefined (see man @@ -79,7 +91,11 @@ access_t ask_access(const char *filename, struct process_info proc_info) { // justify preparing for this. fprintf(stderr, "Could not create query on rule insertion"); perror(""); - return 1; + response.decision = DENY; + response.filename = malloc(2); + response.filename[0] = '.'; + response.filename[1] = 0; + return response; } // Zenity Question Message Popup @@ -88,18 +104,20 @@ access_t ask_access(const char *filename, struct process_info proc_info) { if (fp == NULL) { perror("Pipe returned a error"); - return DENY; + response.decision = DENY; + response.filename = malloc(2); + response.filename[0] = '.'; + response.filename[1] = 0; + return response; } str(char) zenity_output; init(&zenity_output); - size_t total_read = 0; char line[1024]; // Buffer to read individual lines // Read the command output line by line while (fgets(line, sizeof(line), fp)) { - size_t line_len = strlen(line); push_fmt(&zenity_output, line); } @@ -107,16 +125,28 @@ access_t ask_access(const char *filename, struct process_info proc_info) { fprintf(stderr, "zenity wrote out %s\n", first(&zenity_output)); fprintf(stderr, "zenity returned %d\n", zenity_exit_code); + // if (size(&zenity_output) == 0) { + // push(&zenity_output, '.'); + // } + + assert(strlen(first(&zenity_output)) == size(&zenity_output)); + + response.filename = malloc(size(&zenity_output) + 1); + strcpy(response.filename, first(&zenity_output)); + // response.filename[size(&zenity_output)] = 0; + + // assert(0 == strcmp(response.filename, first(&zenity_output))); cleanup(&zenity_output); if (zenity_exit_code == (ZENITY_YES | ZENITY_PERM)) { - return ALLOW; - } - if (zenity_exit_code == ZENITY_YES) { - return ALLOW_TEMP; + response.decision = ALLOW; + } else if (zenity_exit_code == ZENITY_YES) { + response.decision = ALLOW_TEMP; + } else { + response.decision = DENY; } - return DENY; + return response; } /** @@ -136,20 +166,36 @@ int interactive_access(const char *filename, struct process_info proc_info, access_t access = check_temp_access(real_path, proc_info); if (access == ALLOW) { + fprintf(stderr, + "Permission allowed to %s based on a rule present in the temp " + "permission table.\n", + proc_info.name); free(real_path); return 1; } if (access == DENY) { + fprintf(stderr, + "Permission denied to %s based on a rule present in the temp " + "permission table.\n", + proc_info.name); free(real_path); return 0; } access = check_perm_access(real_path, proc_info); if (access == ALLOW) { + fprintf(stderr, + "Permission allowed to %s based on a rule present in the perm " + "permission table.\n", + proc_info.name); free(real_path); return 1; } if (access == DENY) { + fprintf(stderr, + "Permission denied to %s based on a rule present in the perm " + "permission table.\n", + proc_info.name); free(real_path); return 0; } @@ -158,30 +204,61 @@ int interactive_access(const char *filename, struct process_info proc_info, // permissions are granted if (opts & GRANT_PERM) { + fprintf(stderr, "Permission granted permanently to %s.\n", proc_info.name); give_perm_access(real_path, proc_info); free(real_path); return 1; } if (opts & GRANT_TEMP) { + fprintf(stderr, "Permission granted temporarily to %s.\n", proc_info.name); set_temp_access(real_path, proc_info, SET_ALLOW); free(real_path); return 1; } - access_t user_response = ask_access(real_path, proc_info); - if (user_response == ALLOW) { + struct dialogue_response response = ask_access(filename, proc_info); + // fprintf(stderr, "%s", response.filename); + // assert(0 != strlen(response.filename)); + + // the user might specify a different file in the dialogue, so we need to + // check if it is valid + + /* + while (source_access(response.filename, F_OK)) { + // if it is invalid, just ask again. + fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n", + response.filename); + free(response.filename); + response = ask_access(filename, proc_info); + } + */ + free(real_path); + + real_path = real_filename(response.filename); + free(response.filename); + + if (response.decision == ALLOW) { + fprintf(stderr, + "Permission granted permanently to %s based on zenty response.\n", + proc_info.name); give_perm_access(real_path, proc_info); free(real_path); return 1; } - if (user_response == ALLOW_TEMP) { + if (response.decision == ALLOW_TEMP) { + fprintf(stderr, + "Permission granted temporarily to %s based on zenty response.\n", + proc_info.name); set_temp_access(real_path, proc_info, SET_ALLOW); free(real_path); return 1; } - if (user_response == DENY) { + if (response.decision == DENY) { + fprintf(stderr, + "Permission denied temporarily to %s based on zenty response.\n", + proc_info.name); set_temp_access(real_path, proc_info, SET_DENY); free(real_path); return 0;